Information Security Specialist

Out of Chaos we will find order As organisations continue to change, we will help them to make intelligent decisions and consolidate technologies, processes and data through clarity and innovation; making their tech universe a simpler place to understand, manage and traverse. Driven and developed by our community of 150+ passionate people united by one overall mission... to Architect our Clients Digital Future. We do this with a company culture that is client-centric to its core, and ruthlessly focused on delivering technology innovation that will accelerate our customers success. We are working to build this centre of excellence by building an amazing place to work, learn and develop for our people.

**_Responsibilities Overview: _**
- Provide support to the Information Security & Risk Management function.
- Assist the running of the Information Security Management Forum (ISMF) and during leave or absence stand in as Chair.
- Support the Implementation and improvement of the Information Security Management System (ISMS).
- Support audit programmes and gap analysis against key frameworks e.g. ISO27001, GDPR, NIST etc.
- Assist in the definition, implementation, and documentation of security standards, including governance, policies, processes and solutions aligned with best practice.

*_
Detailed Responsibilities: _*
- Support the incorporation of Information Security and Risk Management activities into the decision-making processes by all staff.
- Assist in the review of policies and procedures; their effectiveness and help ensure the continuing effectiveness of the Information Security and Risk Management function.
- Help validate the accuracy of Registers and Records.
- Provide / Draft (or arrange provision of) advice to the organisation to help make informed decisions regarding Information Security related matters, including risk and appropriate Security Improvement Actions.
- Support the maintenance of a watching brief over the ISMS and assist in the production an annual Information Security performance statement for the ISMS Management Review, incorporating effectiveness measurements, as per the ISMS Effectiveness Measurement Framework.
- Assist in the management and utilisation of related tools for Risk, Governance and Compliance including security tools such as SIEM, Vulnerability Management
- Assist in the review, discussion and direction of escalated risks, audit findings, Security Improvement Actions and other issues pertaining to Information Security that could affect the organisation.
- Support Management Reviews.
- Act as an internal security Subject Matter Expert (SME).
- Complete security questionnaires / RFIs/RFPs, maintain and improve an answers library as well as assisting with pre-sales security requirements and deliverables.

*_
Risk Management Responsibilities: _*
- Support Co-ordination, maintenance and monitoring of the Risk Management Policy and Framework.
- Support formal decision-making following reviews of progress made in addressing existing risks and Security Improvement Actions.
- Support the Risk Register being maintained correctly, and monitoring those risks marked for review are being reviewed within appropriate timescales.
- Assist in the routine reviewing the Risk Assessment (including Risk Treatment Plans and the Risk Acceptance Register) with maintenance responsibilities.

*_
Audit Responsibilities: _*
- Co-owner of the Internal Audit Plan, ensuring that all required audits are properly scheduled and updated.
- Collate and report audit findings to the ISMF.

*_
Incident Management Responsibilities: _*
- Support and assist in security incident management ensuring that they have been recorded and have been appropriately investigated.
- Support the Analysis of incidents to identify trends and notable lessons.

*_
Security Improvement Responsibilities: _*
- Contribute to the Security Improvement Plan (SIP)
- Help Identify appropriate Security Improvement Actions, as a result of risk assessment, incident, audit, or any other means of review.
- Assist in the implementation of agreed Security Improvement Actions.
- Help Identify any trends in non-conformities.

**Whats in it for you**
- A massive opportunity for you to develop your skills and knowledge in a supportive environment that thrives on growth and change.
- Competitive salary and benefits (in line with experience)
- Individual performance bonus
- Hybrid working model, 2/3 days in our Victoria Offices and at home
- Curious, open culture, with teams collaborating across geographies

**Living our Values at Orbus**
**Be Extraordinary**:Be the best version of yourself, grow, flourish and be better everyday.
**Own It**: We lead from the front We are empowered to take initiative and are given the freedom to do our best work. We're allowed to make mistakes as long as we learn and grow. Taking ownership shows others that they can trust us to do the right thing.
**Better Together**: We are One Team We work best when we are